Although the “Ready to Ride” group originated in Russia it distributes Win32/Cycbot outside the borders of the Russian Federation. Going by the prices per installation the primary target of the group is the US.

The TDSS botnet, now in its 4th generation, is seriously sophisticated malware, which is why we've spent so much time writing about it: the revision of the paper The Evolution of TDL: Conquering x64 that will be up on the white papers page shortly runs to 54 pages and includes some highly technical analysis, including the detail on

The US Department of Justice's announcement yesterday of the takedown of the command and control (C&C) servers for the Coreflood bots (detected by ESET as Win32/AFCore) and seizure of their domains marks another step in the growing awareness that crime, whether it is committed with bullets or with botnets, is still crime. This particular botnet,

Here’s a little information from ESET’s point of view about the Coreflood botnet, whose C&C (Command and Control) servers were taken down yesterday by the Department of Justice. The Coreflood bot is detected by ESET products as Win32/Afcore and has been active since the early years of the last decade (certainly since 2001), though our

Since the feed will be public and historic, there is a potential to research trends over the timeline, particularly as twitter is being used for more command and control functionality. As soon as it becomes available, we’ll follow up. :)

The estimable Graham Cluley’ drew my attention in his blog to the fact that this is National Zombie Awareness Week in Australia. A zombie is security geekspeak for a PC that has been infected by a bot or agent, so that it’s added to a network of compromised machines (a botnet) under the control of